Global Dialogue on Governmental Extra-Territorial Surveillance

This is the seven article of our Spies Without Borders series. The series looks into how the information disclosed in the NSA leaks affects Internet users around the world whose private information is stored in U.S. servers, or whose data travels across U.S. networks.

As news of the alarmingly broad reach and scope of the U.S. surveillance program reverberates around the globe, we call for a global dialogue on the increased capacity of States around the world to conduct sweeping extra-territorial surveillance from domestic soil. While internationalpublic outrage has justifiably decried the scope and reach of U.S. broad surveillance on foreigners, the fact that the U.S. government has carte blanche surveillance powers over foreigners is not new.

In truth, U.S., foreign intelligence has always had nearly limitless legal capacity to surveil foreigners because domestic laws and protections simply don't cover that activity. So while this isn't a new problem, it has been exacerbated as the U.S. has enjoyed a dramatic increase in practical capacity to gather and analyze data that has not been matched with an increase in legal protections. In this context, we asked Korea University Law School Professor Kyung Sin (“K.S.”) Park, Open Net, South Korea to provide his views on the matter.

Note: This is a guest blogpost. We do not necessarily endorse the views expressed nor have we checked the facts asserted.

A Call for Global Dialogue on Principles on “Cross-Border” Surveillance (and Korean PRISM?)

By Professor Kyung Sin (“K.S.”) Park, Open Net

What procedural safeguards shall we demand from our government agencies conducting communications surveillance on people in other countries, regardless of where the surveillance is taking place? Unbeknownst to many, this is the question exposed bare by the recent controversy surrounding PRISM, a scheme of warrantless or secret-warrant-based surveillance taking place within U.S. on people in and outside the U.S., and we need a global dialogue in answering this question, which is more intractable than one may think

Yes, in the ideal world governed by me, I might make many changes to the current system. In an ideal world, maybe we could outlaw all wars and military actions. We could also ban all domestic or foreign surveillance, except under warrants carefully crafted by an independent judiciary wholly disinterested in making surveillance a practice. In fact, in such a world, we could also dissolve all national borders.

But we do not live in that ideal world. In this real world, it is surprisingly not clear what international norms should govern an answer to a question like: Should the agents of MI6, CIA, and KNIS (Korean National Intelligence Service) obtain normal court warrants to wiretap or eavesdrop on their respective potential enemies or on one another? Lack of such norms allowed the US to set up FISA more than 30 years ago, to allow warrantless or secret-warrant domestic surveillance on foreign agents in the US. Moreover, with the advent of the global communication system that is the Internet, US surveillance systems were enabled to access a vast trove of communication information of foreigners in and outside the US. Yet when it comes to outside the U.S., even FISA does not apply, meaning that there seems to be no restriction. Indeed, there is no international principle on cross-border communication surveillance, i.e., state surveillance on people residing outside that state’s territory, regardless of where the information is intercepted.

Maybe, for this reason, we have yet to see American civil society demanding full dismantling of the FISA system. American civil society’s immediate concern has been justifiably local: that the U.S. used FISA wiretapping against their own citizens or residents who are not foreign agents, as proven by the recently leaked court order requiring disclosure of millions of Verizon users, unavoidably people on American soil and mostly innocent given the sheer number. Also, the U.S. is now suspected of sharing the PRISM data with several countries of mainly Anglo or Germanic ancestry. People of these countries certainly should protest against such sharing which allows their governments to sidestep all the domestic due process of law, warrant and what not, in achieving surveillance on their own people. So, Americans and their “allies” already have enough to be angry about.

But, how about the rest of us such as Koreans, with whom the U.S. supposedly has not shared the PRISM data? For one, if we non-Americans are to be angry for the same reason that Americans are angry about FISA and PRISM, our civic anger should be first directed towards our own governments, conducting surveillance on our “own citizens.” In Korea of 2011, a total population of 50 million, 7,167 phone numbers were wiretapped, 37.3 million phone numbers’ (or email addresses’ or internet ids’) communication metadata were turned [Korean] over to the police, and users’ identity on 5.84 million phone numbers’ or internet ids were turned over. Per capita, the number of Korea’s wiretaps is about 15 times the U.S. (2,732) in the same period. Yes, the laws are in place and do require, as other developed countries do, a super-warrant for wiretapping and a certificate of “need to investigate” for acquiring communication metadata but the sting of the numbers is exactly in that law: More than half the total population of Korea “needed to be investigated”? The numbers only account for the ostensibly domestic surveillance, on top of which, Asian constituents should also worry whether their own foreigner-targeting intelligence agencies are actually targeting their domestic citizens. So, certainly, non-Americans shocked by PRISM should also take a sane look at whether they all have their own PRISMS. (Just last week, the Korean Police even set up a ‘backdoor’ with major telcos for metadata[Korean]. Now automated, only God knows how many phones will be metadata-searched.)

At the same time, for this to be a learning process for everyone including Americans, countries that attained that data, and the rest of the world outside the loop, we should begin a global discussion on the question: can we make intelligence agents targeting foreign nationals act under legal procedures protecting the rights of people to whom the agents are not politically accountable? To put it bluntly, since these intelligence agencies are the creatures of our democratically elected governments, how much should we allow ourselves to snoop on one another across the borders? Should they obtain warrants from courts?

Now, of course, before answering, we should take in the weight of these questions because answers to them will determine the fate of all secretive overseas intelligence-gathering agencies including NSA. It is surprisingly a difficult question. I conjecture that the difficulty comes from the fact that, whereas a warrant is valuable because it is issued by an official independent from the success of the investigation and yet politically accountable to the people under surveillance. For obvious reasons, there cannot be such official for cross-border surveillance.

At any rate, there is a quick way to jumpstart such global dialogue. Open Net, EFF, Privacy International, Access Now, and many other digital rights groups have engaged in an effort past few months to write down the international human rights principles applicable to all forms of communications surveillance. Yes, the International Convenant on Civil and Political Rights (ICCPR) already protects privacy but communications privacy presents special issues because communications are on one hand human actions traversing often large expanses of time and space vulnerable and arguably open to interceptions, and on the other hand carry the messages, the results of the communicators’ personal thoughts. We just need more of you to participate in this process to decide on the territorial scope of these Principles, which will also set the restrictions on cross-border communications surveillance.

EFF will continue blogging about the impact of the NSA leaks on Internet users abroad in our Spies Without Borders series.

Related Updates

This weekend Apple took a dispiriting step in the policing of its Chinese mainland App store: the company removed several Virtual Private Network (VPN) applications that allowed users to circumvent the China’s extensive internet censorship apparatus. In effect, the company has once again aided the Chinese government in...

The detention of a group of human rights defenders in Turkey for daring to learn about digital security and encryption continued last week with a brief appearance of the accused in an Istanbul court. Six were returned to jail, and four released on bail. In an additionally absurd twist, the...

"The laws of mathematics are very commendable but the only law that applies in Australia is the law of Australia", said Australian Prime Minister Malcolm Turnbull today. He has been rightly mocked for this nonsense claim, that foreshadows moves to require online messaging providers to provide law enforcement with...

This week is an important one in the ongoing negotiations over new copyright rules in Europe—which will have reverberations all over the world. As you may recall, the negotiations centre around two worrisome proposals being pushed by publisher and music industry lobby groups for inclusion in a new Digital...

This week, the political heads of the intelligence services of Canada, New Zealand, Australia, the United Kingdom, and the United States (the "Five Eyes" alliance) met in Ottawa. The Australian delegation entered the meeting saying publicly that they intended to "thwart the encryption of terrorist messaging." The final communiqué...

A country has the right to prevent the world’s Internet users from accessing information, Canada’s highest court ruled on Wednesday. In a decision that has troubling implications for free expression online, the Supreme Court of Canada upheld a company’s effort to force Google to de-list entire domains and websites...

This week, EFF joined Creative Commons, Wikimedia, Mozilla, EDRi, Open Rights Group, and sixty other organizations in signing an open letter [PDF] addressed to Members of the European Parliament expressing our concerns about two key proposals for a new European "Digital Single Market" Directive on copyright. These are the...

Since last year, Indian citizens have been required to submit their photograph, iris and fingerprint scans in order to access legal entitlements, benefits, compensation, scholarships, and even nutrition programs. Submitting biometric information is needed for the rehabilitation of manual scavengers, the training and aid of disabled people, and anti-retroviral...

In 2011, Colombian graduate student Diego Gomez shared another student’s Master’s thesis with colleagues over the Internet. After a long legal battle, Diego was able to breathe a sigh of relief today as he was cleared of the criminal charges that he faced for this harmless act of sharing...